webinterface.git

@@ -1,5 +1,6 @@

 <?php

+require_once('inc/base.php');

 function list_system_users()

 {

@@ -27,4 +28,41 @@ function list_customers()

 }

-?>

+function find_customers($string) 

+{

+  $string = mysql_real_escape_string(chop($string));

+  $return = array();

+  $result = db_query("SELECT k.id FROM kundendaten.kunden AS k LEFT JOIN kundendaten.kundenkontakt AS kk ".

+                     "ON (kk.kundennr = k.id) LEFT JOIN system.useraccounts AS u ON (k.id=u.kunde) WHERE ".

+                     "firma LIKE '%{$string}%' OR firma2 LIKE '%{$string}%' OR ".

+                     "nachname LIKE '%{$string}%' OR vorname LIKE '%{$string}%' OR ".

+                     "adresse LIKE '%{$string}%' OR adresse2 LIKE '%{$string}%' OR ".

+                     "ort LIKE '%{$string}%' OR pgp_id LIKE '%{$string}%' OR ".

+                     "notizen LIKE '%{$string}%' OR kk.name LIKE '%{$string}%' OR ".

+                     "kk.wert LIKE '%{$string}%' OR u.name LIKE '%{$string}%' OR ".

+                     "u.username LIKE '%{$string}%' OR k.id='{$string}' OR u.uid='{$string}';");

+  while ($entry = mysql_fetch_assoc($result))

+    $return[] = $entry['id'];

+

+  return $return;

+}

+

+

+function find_users_for_customer($id)

+{

+  $id = (int) $id;

+  $return = array();

+  $result = db_query("SELECT uid, username FROM system.useraccounts WHERE ".

+                     "kunde='{$id}';");

+  while ($entry = mysql_fetch_assoc($result))

+    $return[$entry['uid']] = $entry['username'];

+

+  return $return;

+}

+

+

+

+

+

+

+

@@ -1,5 +1,6 @@

 <?php

+require_once('inc/base.php');

 require_once('inc/debug.php');

 require_once('session/start.php');

@@ -7,6 +8,24 @@ require_once('su.php');

 require_role(ROLE_SYSADMIN);

+if (isset($_GET['type']))

+{

+  check_form_token('su_su_ajax', $_GET['formtoken']);

+  $role = NULL;

+  if ($_GET['type'] == 'customer') {

+    $role = find_role($_GET['id'], '', True);

+    setup_session($role, $_GET['id']);

+  } elseif ($_GET['type'] == 'systemuser') {

+    $role = find_role($_GET['uid'], '', True);

+    setup_session($role, $_GET['uid']);

+  } else {

+    system_failure('unknown type');

+  }

+

+  header('Location: ../../go/index/index');

+  die();

+}

+

 if (isset($_POST['submit']))

 {

   check_form_token('su_su');

@@ -26,6 +43,41 @@ output('<h3>Benutzer wechseln</h3>

 <p>Hiermit können Sie (als Admin) das Webinterface mit den Rechten eines beliebigen anderen Benutzers benutzen.</p>

 ');

+$debug = '';

+if ($debugmode)

+  $debug = 'debug&';

+

+html_header('<script type="text/javascript" src="'.$prefix.'js/ajax.js" ></script>

+<script type="text/javascript">

+<!--

+

+function doRequest() {

+  ajax_request(\'su_ajax\', \''.$debug.'q=\'+document.getElementById(\'query\').value, got_response)

+}

+

+function keyPressed() {

+  if(window.mytimeout) window.clearTimeout(window.mytimeout);

+  window.mytimeout = window.setTimeout(doRequest, 500);

+  return true;

+}

+

+function got_response() {

+  if (xmlHttp.readyState == 4) {

+    document.getElementById(\'response\').innerHTML = xmlHttp.responseText;

+  }

+}

+

+// -->

+</script>

+');

+

+output(html_form('su_su_ajax', '', '', '<strong>Suchtext:</strong> <input type="text" id="query" onkeyup="keyPressed()" />

+'));

+output('<div id="response"></div>

+<div style="height: 3em;">&#160;</div>');

+

+

+

 $users = list_system_users();

 $options = '';

 foreach ($users as $user)